Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Rogue WHOIS server gives researcher superpowers no one should ever have
.mobi top-level-domain managers changed the location of its WHOIS server. No one got the memo. Enlarge (credit: Aurich Lawson | Getty Images) It’s not every day that a security researcher acquires the ability to genera.....»»
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (C.....»»
Ally Financial warns of "intensifying" credit challenges, shares slump
Ally Financial warned of challenges that have intensified over the quarter as borrowers struggled with high inflation......»»
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus.....»»
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to med.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
Artemis III landing sites identified using mapping and algorithm techniques
Where would be the most ideal landing site for the Artemis III crew in SpaceX's Human Landing System (HLS)? This is what a recent study submitted to Acta Astronautica, and available on the arXiv preprint server, hopes to address as an international t.....»»
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an.....»»
Domestic violence in sub-Saharan Africa could triple by 2060, warns report
Tens of millions of women and girls in sub-Saharan Africa will experience catastrophic levels of intimate partner violence because the world is failing to make progress on the climate crisis, according to new projections by UNFPA, the UN sexual and r.....»»
Binarly Transparency Platform 2.5 identifies critical vulnerabilities before they can be exploited
Binarly announced Binarly Transparency Platform 2.5 with several features designed to enhance software vulnerability management and improve security posture across enterprise environments. The key highlight of this release is the innovative Reachabil.....»»
vCISO services thrive, but challenges persist
While 75% of service providers report high customer demand for vCISO functionality, a new Cynomi report reveals that only 21% are actively offering it—opening a window onto a growth area for service providers while emphasizing the growing centralit.....»»
Zyxel warns of vulnerabilities in a wide range of its products
Most serious vulnerabilities carry severity ratings of 9.8 and 8.1 out of a possible 10. Enlarge (credit: Getty Images) Networking hardware-maker Zyxel is warning of nearly a dozen vulnerabilities in a wide array of its.....»»
Audit warns costs for NASA"s new Artemis launcher could balloon to $2.7 billion
NASA's second mobile launcher needed for future missions in the Artemis program is already years late and millions over budget, and NASA's Office of the Inspector General warns it could get even worse......»»
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sendin.....»»
VW warns of plant closures, job cuts in Germany to reduce spending
VW considers one large vehicle plant and one component factory in Germany to be obsolete, according to the automaker's works council......»»
VW warns of plant closures, forced lay offs in Germany in cost-cutting drive
VW considers one large vehicle plant and one component factory in Germany to be obsolete, according to the automaker's works council......»»
Research exposes how repeated information warps our decisions
Imagine the decisions you make every day, such as what to buy, who to trust, or who to vote for, are heavily influenced by a simple yet powerful flaw in your reasoning. Economists at the University of Surrey argue that people are systematically decei.....»»
Physics researchers identify new multiple Majorana zero modes in superconducting SnTe
A collaborative research team has identified the world's first multiple Majorana zero modes (MZMs) in a single vortex of the superconducting topological crystalline insulator SnTe and exploited crystal symmetry to control the coupling between the MZM.....»»
Unpatchable 0-day in surveillance cam is being exploited to install Mirai
Vulnerability is easy to exploit and allows attackers to remotely execute commands. Enlarge (credit: Getty Images) Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mira.....»»
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)
Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentia.....»»